-
Bug
-
Resolution: Cannot Reproduce
-
Major
-
None
-
8.2.0.Final
-
None
HTTPS undertow listener has 3 options for verify-client parameter: NOT_REQUESTED (Default), REQUESTED, REQUIRED. If it is set to NOT_REQUESTED (the default), it should not require a certificate chain unless the client requests a resource protected by a security constraint that uses CLIENT-CERT authentication. But when I tried to access secured resource as first, it don't requested certificate and return HTTP status 403.
- clones
-
WFLY-2810 HTTPS undertow listener request client certificate despite verify-client=NOT_REQUESTED
- Closed